Commands

Modules: | 1 | 2 | 3 | 4 | 5 | 6 | CS | All |

Module 1 - 6 and Case Study

Module 1: Scaling IP Addresses

	Command	Command Description	Command Syntax
1.1.4	ip route 199.99.9.32 255.255.224.0 200.2.2.18	To establish static routes, use the ip route global configuration command. To remove static routes, use the no form of this command.	ip route prefix mask {address \| interface-type interface-number [ip-address]} [distance] [tag tag] [permanent]
	ip nat pool public_access 199.99.9.40 199.99.9.62 netmask 255.255.255.224	To define a pool of IP addresses for NAT, use the ip nat pool global configuration command. To remove one or more addresses from the pool, use the no form of this command.	ip nat pool name start-ip end-ip {netmask netmask \| prefix-length prefix-length}[type rotary]
	access-list 1 permit 10.10.10.0 0.0.0.255	To define an access-control list, use the access-list global configuration command. To remove a standard access lists, use the no form of this command.	IP standard access-list: access-list access-list-number {deny \| permit \| remark line} source[source-wildcard] [log]
	ip nat inside source list 1 pool public_access	To enable NAT of the inside source address, use the ip nat inside source global configuration command. To remove the static translation or remove the dynamic association to a pool, use the no form of this command.	ip nat inside source {list {access-list-number \|name} {pool name \| interface dialer-name} [overload] \| static local-ip global-ip}
	ip nat inside	To designate that traffic originating from or destined for the interface is subject to NAT, use the ip nat interface configuration command. To prevent the interface from being able to translate, use the no form of this command.	ip nat {inside \| outside}
	ip nat outside	To designate that traffic originating from or destined for the interface is subject to NAT, use the ip nat interface configuration command. To prevent the interface from being able to translate, use the no form of this command.	ip nat {inside \| outside}
	show ip nat translations	To display active NAT translations, use the show ip nat translations EXEC command.	show ip nat translations [verbose]
	ip nat inside source list 1 interface serial 0 overload	To enable NAT of the inside source address, use the ip nat inside source global configuration command. To remove the static translation or remove the dynamic association to a pool, use the no form of this command.	ip nat inside source {list {access-list-number \|name} {pool name \| interface dialer-name} [overload] \| static local-ip global-ip}
	ip nat inside source static 10.10.10.10 199.99.9.33	To enable NAT of the inside source address, use the ip nat inside source global configuration command. To remove the static translation or remove the dynamic association to a pool, use the no form of this command.	ip nat inside source {list {access-list-number \|name} {pool name \| interface dialer-name} [overload] \| static local-ip global-ip}
1.1.5	show ip nat statistics	To display NAT statistics, use the show ip nat statistics EXEC command.	show ip nat statistics
	show ip nat translations	To display active NAT translations, use the show ip nat translations EXEC command.	show ip nat translations [verbose]
	clear ip nat translation *	To clear dynamic NAT translations from the translation table, use the clear ip nat translation EXEC command.	clear ip nat translation {* \| [inside global-ip local-ip] [outside local-ip global-ip]}
	clear ip nat translation inside global-ip local-ip [outside local-ip global-ip]	To clear dynamic NAT translations from the translation table, use the clear ip nat translation EXEC command.	clear ip nat translation {* \| [inside global-ip local-ip] [outside local-ip global-ip]}
	*clear ip nat translation protocol* inside global-ip global-port local-ip local-port** [outside local-ip local-port global-ip global-port]	To clear extended dynamic NAT translations from the translation table, use the clear ip nat translation EXEC command.	clear ip nat translation protocol inside global-ip global-port local-ip local-port [outside local-ip global-ip]
1.1.6	debug ip nat	Use this command to verify the operation of the NAT feature by displaying information about every packet that is translated by the router.	debug ip nat
	debug ip nat detailed	This command generates a description of each packet considered for translation. This command also outputs information about certain errors or exception conditions, such as the failure to allocate a global address.	debug ip nat detailed
1.2.5	ip dhcp pool	To activate the IOS DHCP server and configure pool-specific settings, use the ip dhcp pool command. To remove the address pool, use the no form of this command.	ip dhcp pool pool-name
	ip dhcp excluded-address	The DHCP Server assumes that all IP addresses in a DHCP address pool subnet are available for assigning to DHCP clients. You must specify the IP address that the DHCP Server should not assign to clients.	dhcp excluded-address low-address [high-address]
	default-router	This command specifies the IP address of the default router for a DHCP client. One IP address is required but up to eight IP addresses may be specified. To disable this feature, use the no form of this command.	default-router address [address2 ... address8]
	dns-server	This command specifies the IP address of a DNS server that is available to a DHCP client. To disable this feature, use the no form of this command.	dns-server address [address2 ... address8]
	netbios-name-server	This command specifies the IP address of a netbios name server that is available to a DHCP client. One IP address is required. However, up to eight IP addresses can be specified in one command line. To remove the NetBIOS name server list, use the no form of this command.	netbios-name-server address [address2 ... address8]
	no service dhcp	Enables the CiscoIOS DHCP server and relay features on the router. Use the no form of this command to disable the Cisco IOS DHCP server and relay features.	no service dhcp
	service dhcp	Enables the CiscoIOS DHCP server and relay features on the router. Use the no form of this command to disable the Cisco IOS DHCP server and relay features.	service dhcp
	domain-name	This command specifies the domain name for the client. To remove the domain name, use the no form of this command.	domain-name domain
1.2.6	show ip dhcp binding	This command is used to display DHCP server information from EXEC mode. This displays a list of all bindings created by the DHCP service.	show ip dhcp {binding [address] \| conflict [address] \| database [url] \| server statistics}
	show ip dhcp server statistics	This command is used to display DHCP server information from EXEC mode. This will display count information regarding the number of DHCP messages that have been sent and received.	show ip dhcp {binding [address] \| conflict [address] \| database [url] \| server statistics}
1.2.8	ip helper-address	To have the Cisco IOS software forward User Datagram Protocol (UDP) broadcasts, including BOOTP, received on an interface, use the ip helper-address interface configuration command. To disable the forwarding of broadcast packets to specific addresses, use the no form of this command.	ip helper-address address

Module 2: WAN Technologies

There are no commands in this module.

Module 3: PPP

	Command	Command Description	Command Syntax
3.1.6	encapsulation hdlc	This command configures the interface to HDLC encapsulation. This encapsulation method provides the synchronous framing and error detection functions of HDLC without windowing or retransmission. This is the default for synchronous serial interfaces.	encapsulation hdlc
3.1.7	show interfaces serial <X>	Use the show interfaces EXEC command to display statistics for all interfaces configured on the router or access server. The resulting output varies, depending on the network for which an interface has been configured. The summary option limits the amount of information presented.	show interfaces {type number}
	show controllers	Use the show controllers serial privileged EXEC command to display information that is specific to the interface hardware.	show controllers serial [slot/port]
	show controllers cbus	Displays the internal status of each interface processor and lists each interface.	show controller cbus
	debug serial interface	Verifies whether HDLC keepalive packets are incrementing. If they are not, a possible timing problem exists on the interface card or in the network.	debug serial interface
	debug arp	Indicates whether the router is sending information about or learning about routers on the other side of the WAN cloud, using ARP. Use this command when some nodes on a TCP/IP network are responding, but others are not.	debug arp
	debug frame-relay lmi	Obtains Local Management Interface (LMI) information useful for determining whether a Frame Relay switch and a router are sending and receiving LMI packets.	debug frame-relay lmi
	debug frame-relay events	Determines whether exchanges are occurring between a router and a Frame Relay switch.	debug frame-relay events
	debug ppp negotiation	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP). This command displays PPP packets sent during PPP startup, where PPP options are negotiated.	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	debug ppp packet	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP). This command displays PPP packets being sent and received.	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	debug ppp error	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP). This command displays protocol errors and error statistics associated with PPP connection negotiation and operation.	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	debug ppp authentication	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP). This command displays authentication protocol messages, including Challenge Handshake Authentication Protocol (CHAP) packet exchanges and Password Authentication Protocol (PAP) exchanges.	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
3.2.6	encapsulation ppp	This command is used to set the encapsulation type of a serial interface to Point-to-Point Protocol (PPP).	encapsulation ppp
3.3.2	compress [predictor \| stac]	To configure software compression for Point-to-Point Protocol (PPP) encapsulation, use the compress interface configuration command. To disable compression, use the no form of this command.	compress [predictor \| stac \| mppc [ignore-pfc]]
	ppp quality percentage	Enables Link Quality Management (LQM) on the interface. The percentage argument specifies the link quality threshold in a range from 1 to 100. That percentage must be maintained, or the link is deemed to be of poor quality and is taken down.	ppp quality percentage
	ppp multilink	To enable Multilink PPP (MLP) on an interface and, optionally, to enable dynamic bandwidth allocation, use the ppp multilink interface configuration command.	ppp multilink [bap]
3.3.3	username Tokyo password cisco	To establish a username-based authentication system, enter the username global configuration command.	username name password secret
	ppp authentication chap	To enable Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) or both and to specify the order in which CHAP and PAP authentication are selected on the interface, use the ppp authentication command in interface configuration mode. The interface must be using ppp encapsulation to access these protocols. To disable this authentication, use the no form of this command.	ppp authentication {chap \| chap pap \| pap chap \| pap} [if-needed] [list-name \| default] [callin]
3.3.5	debug ppp authentication	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP).	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	debug ppp	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP).	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	debug ppp {packet \| negotiation \| error \| authentication}	Use the debug ppp EXEC command to display information on traffic and exchanges in an internetwork implementing the Point-to-Point Protocol (PPP).	debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}
	no debug ppp {packet \| negotiation \| error \| authentication}	To disable a debug command, use the no form of the command.	no debug ppp {packet \| negotiation \| error \| authentication \| compression \| cbcp}

Module 4: ISDN and DDR

	Command	Command Description	Command Syntax
4.2.1	isdn switch-type switch-type	To specify the central office switch type on the ISDN interface, use the isdn isdn switch-type command in global or interface configuration mode. To remove an ISDN switch type, use the no form of this command.	isdn switch-type switch-type
	isdn switch-type none	To specify the central office switch type on the ISDN interface, use the isdn switch-type command in global or interface configuration mode. To remove an ISDN switch type, use the no form of this command.	isdn switch-type switch-type
	isdn switch-type basic-ni	To specify the central office switch type on the ISDN interface, use the isdn switch-type command in global or interface configuration mode. To remove an ISDN switch type, use the no form of this command.	isdn switch-type switch-type
	isdn spid1 spid-number [ldn]	Use the isdn spid1 interface configuration command on the router to define the service profile identifier (SPID) number that has been assigned by the ISDN service provider for the B1 channel. This value is assigned by the ISDN service provider and is usually a 10-digit telephone number with additional digits.	isdn spid1 spid-number [ldn] [ldn2] [ldn3]
	isdn spid2 spid-number [ldn]	Use the isdn spid2 interface configuration command on the router to define the service profile identifier (SPID) number that has been assigned by the ISDN service provider for the B2 channel. This value is assigned by the ISDN service provider and is usually a 10-digit telephone number with additional digits.	isdn spid2 spid-number [ldn] [ldn2] [ldn3]
	interface bri slot/port	Use the interface global configuration command to configure an interface type and enter interface configuration mode.	interface type slot/port
	show isdn status	Displays the status of all ISDN interfaces or, optionally, a specific digital signal link (DSL) or a specific ISDN interface. The dsl range can vary , depending on the hardware platform. Interface-type can be bri or serial.	show isdn status [dsl \| interface-type number]
	clear interface bri 0	This command will clear the hardware logic for the specified slot/port. This is often used with ISDN BRI interfaces to force the interface to resend the SPIDs.	clear interface name-tag type slot/port
	show isdn active	Displays current call information, including called number, the time until the call is disconnected, Advice of Charge (AOC) charging units used during the call, and whether the AOC information is provided during calls or at end of calls.	show isdn active
4.2.2	controller {t1 \| e1} {slot/port}	Defines the controller location in the router by slot and port number.	controller {t1 \| e1} {slot/port}
	framing {sf \| esf}	Use the framing controller configuration command to select the frame type for the T1 or E1 data line. Use this command in configurations where the router or access server is intended to communicate with T1 or E1 fractional data line.	framing {sfadm \| esfadm} (for T1 lines)
	framing {crc4 \| no-crc4} [australia]	Use the framing controller configuration command to select the frame type for the T1 or E1 data line. Use this command in configurations where the router or access server is intended to communicate with T1 or E1 fractional data line.	framing {crc4adm \| pcm30adm \| clear e1} (for E1 lines)
	linecode {ami \| b8zs\| hdb3}	Use the linecode controller configuration command to select the line-code type for the T1 or E1 line. Use the no form of the command to restore the default.	linecode {ami \| b8zs \| hdb3}
	pri-group [timeslots range]	To specify ISDN Primary Rate Interface (PRI) on a channelized T1 or channelized E1 controller, use the pri-group controller configuration command. Use the no form of this command to remove the ISDN PRI configuration.	pri-group [timeslots range]
4.2.3	show dialer	To display general diagnostic information for interfaces configured for dial-on-demand routing (DDR), use the show dialer command in EXEC mode.	show dialer [interface type number]
4.2.4	debug isdn q921	To display data link layer access procedures that are taking place at the router on the D channel (LAPD) of its ISDN interface, use the debug isdn q921 command in privileged EXEC mode. The no form of this command disables debugging output.	debug isdn [event \| q921 \| q931]
	debug isdn q931	To display information about call setup and teardown of ISDN network connections between the local router (user side) and the network, use the debug isdn q931 command in privileged EXEC mode. The no form of this command disables debugging output.	debug isdn [event \| q921 \| q931]
4.3.2	dialer-list 1 protocol ip permit	To define a dial-on-demand routing (DDR) dialer list to control dialing by protocol or by a combination of a protocol and a previously defined access list, use the dialer-list global configuration command. To delete a dialer list, use the no form of this command.	dialer-list dialer-group protocol protocol-name {permit \| deny \| list access-list-number \| access-group}
	dialer-group 1	To control access by configuring an interface to belong to a specific dialing group, use the dialer-group command in interface configuration mode. Use the no form of this command to remove an interface from the specified dialer access group.	dialer-group group-number
	dialer idle-timeout 120	The dialer idle-timeout interface configuration command specifies the amount of idle time, in seconds, before the line is disconnected. Use the no dialer idle-timeout command to reset the idle timeout to the default value of 120 seconds.	dialer idle-timeout seconds [inbound \| either]
	dialer map ip 192.168.3.2 name Moscow 5552000	To configure an ISDN interface to place a call to multiple sites, or to authenticate calls from multiple sites, use the dialer map interface configuration command.	dialer map protocol next-hop-address [name hostname] [spc ] [speed 56 \| speed 64 ] [broadcast ] [modem-script modem-regexp] [system-script system-regexp] [dial-string [: isdn-subaddress]]
	dialer remote-name Moscow	Use the dialer remote-name interface configuration command to specify the authentication name of the remote router on the destination subnetwork.	dialer remote-name username
	dialer string 5552000	To specify the string (telephone number) to be used when placing a call from an interface, use the dialer string interface configuration command. Use the no form of this command to delete the telephone number specified for the interface.	dialer string dial-string [class class-name]
	dialer pool-member 1	To configure a physical interface to be a member of a Dialer Profiles dialing pool, use the dialer pool-member interface configuration command.	dialer pool-member number [priority priority] [min-link minimum] [max-link maximum]
	interface dialer 1	To define a dialer rotary group, use the interface dialer global configuration command.	interface dialer number
	dialer pool 1	To specify, for a dialer interface, which dialing pool to use to connect to a specific destination subnetwork, use the dialer pool interface configuration command.	dialer pool number
	dialer idle-timeout 60	The dialer idle-timeout interface configuration command specifies the amount of idle time (in seconds) before the line is disconnected. Use the no dialer idle-timeout command to reset the idle timeout to the default value of 120 seconds.	dialer idle-timeout seconds [inbound \| either]
	show dialer	To display general diagnostic information for interfaces configured for DDR (dial-on-demand routing), use the show dialer command in EXEC mode.	show dialer [interface type number]
4.3.4	dialer-list dialer-group-num protocol protocol-name {permit \| deny \| list access-list-number}	To define a dial-on-demand routing (DDR) dialer list to control dialing by protocol or by a combination of a protocol and a previously defined access list, use the dialer-list global configuration command. To delete a dialer list, use the no form of this command.	dialer-list dialer-group protocol protocol-name {permit \| deny \| list access-list-number \| access-group}
	dialer-list 1 protocol ip permit	To define a dial-on-demand routing (DDR) dialer list to control dialing by protocol or by a combination of a protocol and a previously defined access list, use the dialer-list global configuration command. To delete a dialer list, use the no form of this command.	dialer-list dialer-group protocol protocol-name {permit \| deny \| list access-list-number \| access-group}
4.3.5	ppp authentication chap	The ppp authentication command is used configure the PPP PAP or CHAP authentication protocols on an interface. The interface must be using ppp encapsulation to access these protocols.	ppp authentication {chap \| chap pap \| pap chap \| pap} [if-needed] [list-name \| default] [callin]
	dialer map protocol next-hop-address [name hostname] [speed 56 \| 64] [broadcast] dial-string	To configure an ISDN interface to place a call to multiple sites, or to authenticate calls from multiple sites, use the dialer map interface configuration command.	dialer map protocol next-hop-address [name hostname] [spc ] [speed 56 \| speed 64 ] [broadcast ] [modem-script modem-regexp] [system-script system-regexp] [dial-string [: isdn-subaddress]]
	dialer string	To specify the string (telephone number) to be used when placing a call from an interface, use the dialer string interface configuration command. Use the no form of this command to delete the telephone number specified for the interface.	dialer string dial-string [class class-name]
4.3.7	interface dialer	To define a dialer rotary group, use the interface dialer global configuration command.	interface dialer number
	dialer string	To specify the string (telephone number) to be used when placing a call from an interface, use the dialer string interface configuration command. Use the no form of this command to delete the telephone number specified for the interface.	dialer string dial-string [class class-name]
	dialer remote-name	Use the dialer remote-name interface configuration command to specify the authentication name of the remote router on the destination subnetwork.	dialer remote-name username
	dialer pool	To specify, for a dialer interface, which dialing pool to use to connect to a specific destination subnetwork, use the dialer pool interface configuration command.	dialer pool number
	dialer pool-member	To configure a physical interface to be a member of a Dialer Profiles dialing pool, use the dialer pool-member interface configuration command.	dialer pool-member number [priority priority] [min-link minimum] [max-link maximum]
	dialer pool-member priority	To configure a physical interface to be a member of a Dialer Profiles dialing pool, use the dialer pool-member interface configuration command.	dialer pool-member number [priority priority] [min-link minimum] [max-link maximum]
4.3.9	debug dialer [events \| packets]	This command is used to display debugging information about the packets received on a dialer interface, including source and destination address, and number dialed.	debug dialer {events \| packets}
	isdn call interface	Forces the local router to attempt to dial into the remote router.	isdn call interface
	clear interface bri	This command will clear the hardware logic for the specified slot/port. This is often used with ISDN BRI interfaces to force the interface to resend the SPIDs.	clear interface type slot/port

Module 5: Frame Relay

	Command	Command Description	Command Syntax
5.2.1	encapsulation frame-relay [cisco \| ietf]	To enable Frame Relay encapsulation, use the encapsulation frame-relay interface configuration command. To disable Frame Relay encapsulation, use the no form of this command.	encapsulation frame-relay [cisco \| ietf]
	frame-relay lmi-type [ansi \| cisco \| q933a]	To select the Local Management Interface (LMI) type, use the frame-relay lmi-type interface configuration command. To return to the default LMI type, use the no form of this command.	frame-relay lmi-type {ansi \| cisco \| q933a }
	show frame-relay map	To display the current map entries and information about the connections, use the show frame-relay map EXEC command.	show frame-relay map
5.2.2	frame-relay map protocol protocol-address dlci [broadcast]	To define the mapping between a destination protocol address and the DLCI used to connect to the destination address, use the frame-relay map interface configuration command. Use the no form of this command to delete the map entry.	frame-relay map protocol protocol-address dlci [broadcast] [ietf \| cisco] [payload-compress {packet-by-packet \|frf9 stac [hardware-options]}]
	description PVC to Dublin, DLCI 102, Circuit #DASS465875, Contact John Tobin (061-8886745)	To add a description to an interface, use the description interface configuration command. Use the no form of this command to remove the description.	description string
5.2.3	interface serial 0.102 point-to-point	Use the interface global configuration command to configure an interface type and enter interface configuration mode.	interface type slot/ port-adapter/port. subinterface-number {multipoint \| point-to-point}
	frame-relay interface-dlci 103	To assign a data link connection identifier (DLCI) to a specified Frame Relay subinterface on the router or access server, use the frame-relay interface-dlci interface configuration command. To remove this assignment, use the no form of this command.	frame-relay interface-dlci dlci [ietf \| cisco] [voice-encap cir]
	show frame-relay pvc	To display statistics about PVCs for Frame Relay interfaces, use the show frame-relay pvc EXEC command.	show frame-relay pvc [type number [dlci]]
	show frame-relay lmi	To display statistics about the Local Management Interface (LMI), use the show frame-relay lmi EXEC command.	show frame-relay lmi [type number]
5.2.5	interface serial number. subinterface-number {multipoint \| point- to-point}	Use the interface global configuration command to configure an interface type and enter interface configuration mode.	interface type slot/ port-adapter/port. subinterface-number {multipoint \| point-to-point}
	frame-relay interface-dlci dlci-number	To assign a data link connection identifier (DLCI) to a specified Frame Relay subinterface on the router or access server, use the frame-relay interface-dlci interface configuration command. To remove this assignment, use the no form of this command.	frame-relay interface-dlci dlci [ietf \| cisco] [voice-encap cir]
5.2.6	show frame-relay map	To display the current map entries and information about the connections, use the show frame-relay map EXEC command.	show frame-relay map
	clear frame-relay-inarp	Clears dynamically created Frame Relay maps, which are created by the use of Inverse ARP.	clear frame-relay-inarp
5.2.7	debug frame-relay lmi	Determines whether the router and the Frame Relay switch are sending and receiving LMI packets properly.	debug frame-relay lmi

Module 6: Introduction to Network Administration

	Command	Command Description	Command Syntax
6.2.7	snmp-server community string ro	Defines the community access string. You can configure one or more community strings. To remove a specific community string, use the no snmp-server community command.	snmp-server community string [view view-name] [ro \| rw] [number]
	snmp-server community string rw	Defines the community access string. You can configure one or more community strings. To remove a specific community string, use the no snmp-server community command.	snmp-server community string [view view-name] [ro \| rw] [number]
	snmp-server contact text	Sets the system contact string.	snmp-server contact text
	snmp-server location text	Sets the system location string.	snmp-server location text
6.2.9	logging on	Message logging is enabled by default. It must be enabled in order to send messages to any destination other than the console. To disable message logging, use the no logging on command. Note that disabling the logging process can slow down the router because a process cannot continue until the messages are written to the console.	logging on
	logging hostname \| ip address	To send log messages to a syslog server host, like CiscoWorks2000.	logging {hostname \| ip-address}
	service timestamps log datetime	Enables log time stamps.	service timestamps log datetime [msec] [localtime] [show-timezone]
	logging trap informational	To set logging severity level to level 6 or informational.	logging trap informational

Case Study: WAN Technologies

There are no commands in this case study.



	All contents copyright © 2003 Cisco Systems, Inc. All rights reserved.